The FBI Suggests Everyone Reset Their Routers Because of Russian Malware

The FBI announced Friday that Russian hackers have created a malware system that has infected hundreds of thousands of routers.

While the malware is quite sophisticated, pretty much anyone should be capable of taking the initial steps required to combat it. Turn your router off. Then turn it back on again. There's more to it, to be sure, but it has been recommended that all home routers or small office routers get a restart. That should clear the immediate threat.

Users are also urged to download updates for their routers.

Cisco's Talos security team revealed the malware on Wednesday. It announced that more than 500,000 devices in at least 54 countries have been infected with the malware, called VPNFilter. Brands known to have been hit include Linksys, MikroTik, Netgear, TP-Link, and QNAP.

"Foreign cyber actors have compromised hundreds of thousands of home and office routers and other networked devices worldwide," the FBI's public service announcement reads. "The malware is able to perform multiple functions, including possible information collection, device exploitation, and blocking network traffic." It can also "destroy the devices with a single command," explains Ars Technica.

Routers were left infected even though the FBI seized a website used to direct hacked routers, which "cut off malicious communications," according to Reuters.

The below devices are vulnerable to the malware according to a post from Symantec.

Symantec notes that rebooting your device will remove any "stage 2" or "stage 3" elements downloaded by VPNFilter. Rebooting will "(temporarily at least) remove the destructive component of VPNFilter." However, those removed elements could be reinstalled by hackers. After rebooting, "you should then apply the latest available patches to affected devices and ensure that none use default credentials," writes Symantec.

The FBI issued instructions similar to Symantec's. "Owners are advised to consider disabling remote management settings on devices and secure with strong passwords and encryption when enabled. Network devices should be upgraded to the latest available versions of firmware."